Vulnerabilities > Stanford > Corenlp > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-02-24 CVE-2021-44550 Injection vulnerability in Stanford Corenlp 4.3.2
An Incorrect Access Control vulnerability exists in CoreNLP 4.3.2 via the classifier in NERServlet.java (lines 158 and 159).
network
low complexity
stanford CWE-74
critical
 9.8
9.8
2022-01-17 CVE-2022-0239 XXE vulnerability in Stanford Corenlp
corenlp is vulnerable to Improper Restriction of XML External Entity Reference
network
low complexity
stanford CWE-611
critical
 9.8
9.8
2021-10-15 CVE-2021-3878 XXE vulnerability in Stanford Corenlp
corenlp is vulnerable to Improper Restriction of XML External Entity Reference
network
low complexity
stanford CWE-611
critical
 9.8
9.8